If you have sent an email from your Wayne Connect account to a Hotmail, MSN, or Live.com email address within the past week, you probably had it bounce back as “undeliverable.” That’s because these email providers have flagged Wayne Connect as a source of spam.
How did this happen? It’s the result of a long chain of events:
- Spammers send phishing messages to Wayne Connect accounts. Some users — even a handful– take the bait and send in their AccessID and password
- Or, the spammers used passwords from LinkedIn accounts to break into a Wayne Connect account — because the Wayne Connect user’s passwords were identical on both systems
- Spammers use the compromised AccessIDs to send millions of spam messages
- Spam recipients report spam to Real-Time Blackhole List (RBL) services such as SpamCop
- Multiple reports to the RBL service “confirm” that Wayne Connect is a spam source, and it is placed on the RBL.
- Email providers check the RBL to make a quick decision about an incoming message that originated from Wayne Connect. If Wayne Connect is on the RBL, they bounce the message and send some cryptic info mentioning SMTP Error 550.
- Wayne Connect support staff is alerted about the RBL status; locate the compromised Wayne Connect accounts and close them down; then contact the RBL services to remove Wayne Connect’s entry.
- The RBL services wait several days to process the request, to make sure that the spam has truly stopped.
- Email resumes flowing again after Wayne Connect is removed from the RBL services.
As you can see, even if just a few people are victimized by spammers, it can spell trouble for many other Wayne Connect users. You can help by being vigilant when handling your email. Here are some good tips to remember (adapted from Microsoft’s Safety & Security Center):
- Before you click, preview a link’s web address. Move your mouse pointer over a link without clicking it. The address should appear on the bottom bar of your web browser. Official Wayne State web addresses always end in wayne.edu
- Check the spelling. Spammers often use deliberate, easily overlooked misspellings to deceive users. Examples that we have seen include wanye.edu and waney.edu
- Carefully evaluate contact information in email messages. Watch out for spelling errors or if no phone number provided. One recent phish used the non-existent email address firstname.lastname@example.org — which looks legitimate, but no phone number was provided.
If you have found a phish — report it! Just follow these simple instructions on WSU’s IT Knowledgebase.
If you’re in doubt, just leave the email message alone and contact the C&IT Help Desk 313-577-4778.
If you want to learn more ways to identify phish, check out our Is an email legitimate? guide.
Got questions? Post them below!